The Information Commissioner’s Office has published for consultation its first GDPR-related draft guidance on consent under the General Data Protection Regulation.
Legal tips for the cloud
Being aware of the legal aspects of cloud computing can help the adoption of cloud computing. Cloud computing can offer a more efficient option for services like data storage and email services with end users having their data stored in a remote location by a third party cloud provider. This model is often much cheaper than investing in servers and software, but it does come with risks. Users need to be sure the contract they sign really meets their needs, gives precise information regarding ownership, access, privacy and security, governing law, allocation of the risk and what happens if the cloud provider goes out of business.
CloudWATCH is publishing a series of informative tips for potential adopters of the cloud, indicating the right places to look for accurate and trustworthy information on this issue.
On January 10, 2017, the European Commission issued the proposal for a Regulation on Privacy and Electronic Communications. This Regulation will repeal and supersede the current Directive 2002/58.
Cloud computing & IoT are on the rise, it is a good idea to start looking into these technologies and consider how they can and boost productivity minimizing risks.
Sometimes, clauses where an arbitration dispute resolution process is required are set in cloud computing contracts. This arbitration dispute resolution could appear as an alternative to the ordinary jurisdiction, or as a compulsory process (this assumption can not be applicable when the customers are consumers). Arbitration could be followed, as well, in case of exceeding a certain value or whether a concrete jurisdiction determined so....
Looking at news media, one cannot avoid the feeling that there is a real war going on the internet, with several active forces: armies, of course, but also raiders looking for easy money, wannabe pirates, professional and well determined attackers as well as absolute beginners without a clue. All provided with very effective weapons, compared to defences not always up to the menace.
by FABIO COATTI, ICT Legal Consulting - It's a common knowledge that the threat to IT systems is becoming increasingly versatile and subtle.
Hardly a day passes without tweets about new malware, news reports of big firms hacked or forums busy with new virus discussions, last example being the infamous CBT-Locker ransomware.
by Luca Bolognini - In August 2014 the International Organization for Standardization, ISO, published ISO 27018, a standard developed specifically for providers of cloud computing services. ISO 27018 is the first and only of its kind in the world, a set of rules built on the ISO 27001 and 27002 standards to ensure the compliance of public cloud providers with the principles and rules established in Directive 95/46/EC.
From CloudWATCH's legal experts ICT Legal Consulting
On 16 September 2014, the Article 29 Working Party adopted a Statement about the impact on the development of “Big Data” on the protection of individual, with regard to the processing of their personal data in the EU. Here are the key messages in the Statement
From CloudWATCH's legal experts ICT Legal Conslutling. On 16 September 2014, the Artilce 29 Working Party adopted the Opinion n.8/2014, which analyses the risk profiles and the critical issues related to data security in the ecosystem of the Internet of Things (IoT). The Opinion aims to promote the uniform application of the legal data protection framework and the growth of the level of protection of data users and provides some recommendations addressed to different stakeholders concerned.
Kuan Hon, Queen Mary University of London is co-author of this Working Paper which considers the implications for cloud accountability of current proposals under the draft General Data Protection Regulation to modernise the EU Data Protection Directive. It makes recommendations aimed at improving the technology-neutrality of the proposals and their appropriateness for cloud computing, with a view to ensuring that the proposals will maintain or enhance protection of personal data for data subjects while not unduly deterring cloud computing.